Hi there, I'm using Wireshark 2.1 for MAC, and I have a problem to decode traces taken in our core network. Every single packet shows the error "Bogus IPV6 version (0, must be 6)", as you can see in the image attached. It works for my colleagues who are using downgraded versions of Wireshark (v 1.XX). Is there any way to tweak a preference and make it work in any version? asked 06 Oct '16, 08:27 artrilla showing 5 of 6 show 1 more comments |
The current stable version is 2.2.1, can you try that version?
More interesting would be - is the IP version really 0? If you expand the IPv6 layer, what does the value for "Version" say?
Can you share a capture in a publicly accessible spot, e.g. CloudShark?
HI There,
Same problem is shown in version 2.2.1
If I expand the IP layer, the version shown is 0 (I know, this is incorrect, but previous versions of Wireshark are ignoring this problem)
I just installed v 1.99.8 and the traces are shown without issues.
So the problem is that v2.XX is picky with the validation of values in certain fields.
Your answer has been converted to a comment as that's how this site works. Please read the FAQ for more information.
No, the problem is that whatever's capturing your packets is mangling them.
What tool was used to capture that traffic?